LinuxQuestions.org
Old 04-03-2002, 11:45 AM   #16
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58

No, I never had that problem. I was using RedHat 6.1 with ipchains, ipmasqadm, and a 2.2x kernel.

Now I use RedHat 7.1, 2.4.9-31 kernel, and iptables.


It should not take that long to load a map, and I don't think it should stop networking during the process.

Try running top to see what happens with the memory and CPU while the server changes maps.

Also have another machine just pinging the server from the internet with a long timeout, and see what the pings go up to.


Also you can check performance by running net_graph 1 on a client.

Last edited by DavidPhillips; 04-03-2002 at 11:48 AM.
 
Old 05-02-2002, 08:29 AM   #17
DiMenSioN
LQ Newbie
 
Registered: Mar 2002
Location: Holland
Distribution: Mandrake 8.2
Posts: 11

Rep: Reputation: 0
Found it

It's working now.

If the clients set their cl_timeout value higher and if the server runs with a -20 priority, it works fine. The only problem is that when it is map changing, the routing processes don't get enough CPU, so inet on the client PCs gets really laggy (the server is also a router).

So I'm considering running another PC as server. My problem is that I can't get ports forwarded; I don't know how to do it. This problem causes lots of inet functions on client PCs to stop working (HLDS is one of them). Could you tell me how to port forward under Linux?

Thank you very much

DiMenSioN
 
Old 05-02-2002, 11:16 PM   #18
DavidPhillips
Here is an example of how to forward TCP port 15101




Open the port you want to use

iptables -A OUTPUT -i eth0 -p tcp --dport 15101 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 15101 -j ACCEPT

Forward the port to the other machine

iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 15101 -j DNAT --to 192.168.0.2:15101
 
Old 05-04-2002, 02:18 PM   #19
DiMenSioN
Thanks for the answer

I have the PC as a router, so how do I do it then?

My client PCs are connected to eth1, the internet modem is connected to eth0, client IPs are 192.168.0.2-192.168.0.5, my internet IP is 217.120.71.225. Could you please give me the line that I have to use then?

And what lines do I put in the rc.local, to make it forward every time it boots?

Thank you

DiMenSioN
 
Old 05-05-2002, 05:52 PM   #20
DavidPhillips
Where is the server?


First run hlds and see if you get connected.


You should get "WON Auth"

and not "Auth Server"


If you don't get that then you need to open some ports.


iptables -A tcp_packets -p tcp -m tcp --dport 27010 -j allowed
iptables -A tcp_packets -p udp -m udp --dport 27010 -j allowed
iptables -A tcp_packets -p tcp -m tcp --dport 27015 -j allowed
iptables -A tcp_packets -p udp -m udp --dport 27015 -j allowed



Here's a list:


// Server Lists
//
Titan
{
half-life.east.won.net:6003
half-life.west.won.net:6003
half-life.central.won.net:6003
}

Auth
{
half-life.east.won.net:7002
half-life.west.won.net:7002
half-life.central.won.net:7002
}

Master
{
half-life.east.won.net:27010
half-life.west.won.net:27010
half-life.central.won.net:27010
}

ModServer
{
half-life.east.won.net:27011
half-life.west.won.net:27011
half-life.central.won.net:27011
}

Secure
{
half-life.speakeasy-nyc.hlauth.net:27012
half-life.speakeasy-sea.hlauth.net:27012
half-life.speakeasy-chi.hlauth.net:27012
}


You may want to use these; if so, add the ones you need.


iptables -A tcp_packets -p tcp -m tcp --dport 27011 -j allowed
iptables -A tcp_packets -p udp -m udp --dport 27011 -j allowed

iptables -A tcp_packets -p tcp -m tcp --dport 27012 -j allowed
iptables -A tcp_packets -p udp -m udp --dport 27012 -j allowed

iptables -A tcp_packets -p tcp -m tcp --dport 6003 -j allowed
iptables -A tcp_packets -p tcp -m tcp --dport 7002 -j allowed



Once you get WON Auth when the server is started, you need to forward the port the server is on.


Default is 27015.

iptables -t nat -A PREROUTING -d 217.120.71.225 -p tcp -m tcp --dport 27015 -j DNAT --to-destination 192.168.0.2:27015




Or maybe this:

iptables -t nat -A PREROUTING -d 0/0 -p tcp --destination-port 27015 -i eth0 -j DNAT --to 192.168.0.2

Last edited by DavidPhillips; 05-05-2002 at 06:38 PM.
 
Old 06-24-2002, 03:12 AM   #21
horsepower300
LQ Newbie
 
Registered: Jun 2002
Posts: 22

Rep: Reputation: 15
Why do I never get these hlds problems, and I run booster metamod and about 3 plugins!
 
Old 06-24-2002, 05:59 AM   #22
DiMenSioN
Question problems

Well, I figured that it is the port forwarding of the server. It's because I'm trying to run a server behind a Linux router. The ports that the server uses are not forwarded.

It's not only the HL port that's not forwarded, it's a lot of them; for example, I can't send files with msn, icq or irc. I can't talk to people through msn.

So could someone please tell me how to forward those ports? I don't need to know what ports they are, I can find that out. I need an example of a command for how to forward a port.

For example:
Linux router internet IP: 213.51.6.99
Linux router local IP: 192.168.0.1
Client PC local IP: 192.168.0.4
I want to run a server on the client PC, therefore I need to forward port 27015.
What would the command line look like then?

Thanks

DiMenSioN
 
Old 06-24-2002, 03:42 PM   #23
DavidPhillips
Quote:
Originally posted by DavidPhillips
Here is an example of how to forward TCP port 15101




Open the port you want to use

iptables -A OUTPUT -i eth0 -p tcp --dport 15101 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 15101 -j ACCEPT

Forward the port to the other machine

iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 15101 -j DNAT --to 192.168.0.2:15101
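
Added example (not part of any post in the thread): the same forward written for a router with two interfaces, which is what posts #19, #22 and #24 ask about. It prints the DNAT rule and a FORWARD rule limited to the one LAN host rather than running them; the addresses are the sample values from post #22, eth0/eth1 follow the layout described in the thread, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: prints (does not run) the iptables rules for one port
# forward on a two-interface router. Review the output, then run it as root.

WAN_IF=eth0          # internet side, as described in the thread
LAN_IF=eth1          # home LAN side
WAN_IP=213.51.6.99   # router's internet IP, sample value from post #22

# is_port N: true when N is an integer in 1..65535 (hypothetical helper)
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# is_lan_ip A: true for 192.168.0.2-254, the LAN used in this thread
is_lan_ip() {
    case "$1" in 192.168.0.*) host=${1#192.168.0.} ;; *) return 1 ;; esac
    case "$host" in ''|*[!0-9]*) return 1 ;; esac
    [ "$host" -ge 2 ] && [ "$host" -le 254 ]
}

# forward_rules PROTO PORT LAN_IP: print the DNAT rule and its matching
# FORWARD rule; on bad input print nothing to stdout and return 1.
forward_rules() {
    proto=$1 port=$2 dest=$3
    case "$proto" in tcp|udp) ;; *) echo "bad protocol: $proto" >&2; return 1 ;; esac
    is_port "$port"   || { echo "bad port: $port" >&2; return 1; }
    is_lan_ip "$dest" || { echo "not a LAN host: $dest" >&2; return 1; }
    # Rewrite the destination only for packets that arrive on the WAN
    # interface addressed to the router's public IP.
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $WAN_IP -p $proto --dport $port -j DNAT --to-destination $dest:$port"
    # After DNAT the packet is routed WAN -> LAN: accept that one flow to
    # that one host instead of opening the port towards every machine.
    echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -d $dest -p $proto --dport $port -j ACCEPT"
}

# Port 27015 to the client PC from post #22, TCP as in the thread's rules.
forward_rules tcp 27015 192.168.0.4
```

Replies from the LAN host leave through whatever rule already lets the LAN reach the internet, which is assumed to exist on a working router. Putting the printed lines in rc.local reapplies them at each boot.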
 
Old 06-25-2002, 06:50 AM   #24
DiMenSioN
Open the port you want to use

iptables -A OUTPUT -i eth0 -p tcp --dport 15101 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 15101 -j ACCEPT

Forward the port to the other machine

iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 15101 -j DNAT --to 192.168.0.2:15101

Thank you for the info.

I tried this but it doesn't work.

It says you can't use "-i" with an OUTPUT command, so I left -i and eth0 out of the line and it did work.
The other command lines did all work.

I used the 3 lines to forward port 6891, which is used by msn to transfer files. Apparently the port wasn't forwarded after I used these 3 lines, because I couldn't send with msn.

It might be because I have 2 ethernet cards in the router; eth0 is connected to the internet and eth1 is connected to the home LAN. Can you tell me how the lines would look if you take that into account?


DiMenSioN


 
Old 06-25-2002, 02:50 PM   #25
DavidPhillips
Not sure where I got the -i eth0 on the OUTPUT chain from; something I copied from somewhere, I guess.

The good news is msn is a known problem.

msn uses a random port.

Raz has posted this rule as a fix for it.

-------------------------------------------------------
by Raz
Quote:

I've tested this and have no problems once you use the correct rules in your firewall.

The output rule from your external IP address should allow your IP to send from ports 1023:65535 to destination port of 1863 any IP address.

Your input rule to your external IP address should allow your IP to receive only a SYN flag with a source port of 1863 to a destination port of 1023:65525 from the IP range 64.4.13.0/24

UDP is not needed, only TCP.

An example of a Linux ipchains rule would look like this:
The example external IP address is 64.45.11.23

ipchains -A output -p tcp -s 64.45.11.23 1023:65535 --dport 1863 -j ACCEPT
ipchains -A input -p tcp ! -y -s 64.4.13.0/24 --sport 1863 -d 64.45.11.23 1023:65535 -j ACCEPT


Last edited by DavidPhillips; 06-25-2002 at 02:54 PM.
 
Old 06-25-2002, 03:03 PM   #26
DavidPhillips
There may be other related firewall issues to consider with msn.

See this post; I think it clears up all the issues.

http://www.linuxquestions.org/questi...3072#post13072
 
Old 06-25-2002, 03:07 PM   #27
DavidPhillips
With all this said, it just might not work if anything changes. Who knows? Microsoft is probably doing it intentionally because they are stupid.

The most reasonable thing to do would be to set up an ftp server or http server and transfer files by sending a link to them.
 
Old 06-25-2002, 03:13 PM   #28
DiMenSioN
Wink

I'm sorry, but I don't really understand that line. There are two IP addresses in there; what is meant by the external?
Is the external the IP that I use for my router to connect to the inet?
And what is that second IP?

There's another problem: because I use iptables, I can't use ipchains, so what would the line look like then?

I know I'm getting a bit annoying, I'm sorry, but I would like it to work.


thanks

DiMenSioN
 
Old 06-25-2002, 05:19 PM   #29
DavidPhillips
The ip ending in .0/24 is for the network you want to allow from.

The external IP is your router's internet IP.

That is the first part of the rules allowing access from the msn server to the ports on the router.

Follow the link for the other info, it seems to be an issue still undecided.

Last edited by DavidPhillips; 06-25-2002 at 05:26 PM.
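
Added example (not part of any post in the thread): the two ipchains rules quoted in post #25, rewritten in iptables syntax as asked in post #28, with the addresses, ports and `! -y` test kept exactly as in the quoted rules. The "router" form, the 192.168.0.0/24 LAN range and the function name are assumptions made for this example; it prints the rules rather than running them.

```shell
#!/bin/sh
# Added example: Raz's two ipchains rules expressed for iptables.
# ipchains "-y" is iptables "--syn"; a port written after an address
# becomes --sport/--dport; built-in chain names are upper case.

MSN_NET=64.4.13.0/24     # server range from the quoted rule
LAN_NET=192.168.0.0/24   # assumption: the home LAN behind eth1
WAN_IF=eth0              # internet side, as described in the thread
LAN_IF=eth1              # home LAN side

# msn_rules host EXT_IP : the client runs on the machine holding EXT_IP
# msn_rules router      : the clients sit behind the NAT router
msn_rules() {
    case "$1" in
    host)
        [ -n "$2" ] || { echo "usage: msn_rules host EXT_IP" >&2; return 1; }
        # Direct translation: same addresses, same ports, same flag test.
        echo "iptables -A OUTPUT -p tcp -s $2 --sport 1023:65535 --dport 1863 -j ACCEPT"
        echo "iptables -A INPUT -p tcp ! --syn -s $MSN_NET --sport 1863 -d $2 --dport 1023:65535 -j ACCEPT"
        ;;
    router)
        # Under iptables, routed packets skip INPUT and OUTPUT and cross
        # FORWARD only. There they carry LAN addresses: outbound packets
        # are not yet masqueraded, inbound replies are already de-NATed.
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -p tcp -s $LAN_NET --sport 1023:65535 --dport 1863 -j ACCEPT"
        echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -p tcp ! --syn -s $MSN_NET --sport 1863 -d $LAN_NET --dport 1023:65535 -j ACCEPT"
        ;;
    *)
        echo "usage: msn_rules host EXT_IP | router" >&2; return 1 ;;
    esac
}

msn_rules host 64.45.11.23   # example external IP from the quoted post
msn_rules router
```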
 
Old 06-25-2002, 05:24 PM   #30
DavidPhillips
I looked at all this a while back and decided two things: it's too many ports to forward, and it would pretty much defeat the purpose of what I have set up for my router. And it's not as good as ftp.
 
  

